logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-12695

Description

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. #### Bugs * <https://github.com/pupnp/pupnp/pull/181> * <https://github.com/pupnp/pupnp/pull/185> * <https://github.com/pupnp/pupnp/pull/188>


Affected Package


OS OS Version Package Name Package Version
ubuntu 20.04 gupnp 1.2.3-0ubuntu0.20.04.1
ubuntu upstream gupnp 1.2.3-1
ubuntu 16.04 gupnp any
ubuntu upstream libupnp any
ubuntu 16.04 libupnp any
ubuntu 20.04 minidlna 1.2.1+dfsg-1ubuntu0.20.04.1
ubuntu 20.10 minidlna 1.2.1+dfsg-2ubuntu0.1
ubuntu upstream minidlna 1.3.0
ubuntu 16.04 minidlna 1.1.5+dfsg-2ubuntu0.1
ubuntu 20.04 pupnp-1.8 any
ubuntu 22.04 pupnp-1.8 any
ubuntu upstream pupnp-1.8 any
ubuntu 20.04 wpa 2:2.9-1ubuntu4.2
ubuntu 20.10 wpa 2:2.9-1ubuntu8.1
ubuntu 21.04 wpa 2:2.9-1ubuntu10
ubuntu 21.10 wpa 2:2.9-1ubuntu10
ubuntu 22.04 wpa 2:2.9-1ubuntu10
ubuntu 14.04 wpa 2.1-0ubuntu1.7+esm3
ubuntu upstream wpa any
ubuntu 16.04 wpa 2.4-0ubuntu6.7

Related